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Substance of Interview 

Applicants' would firstly like to thank examiner Abdulhakim Nobahar and his supervisor 
Qllberto Barron for granting a personal interview on August 29, 2005. As a result of the interview, 
it was agreed that claim 5 defines over the prior art of Harif. It was also agreed that the 
Applicants' would propose to amend claim 1 to more clearly set forth the relationship belween the 
External and Central entities with respect to authentication of the User. In response, Applicants- 
have amended claim 1 to include simBar language as claim 5 to clarify this relationship and 
submit that no new matter has bean added. In addition, Applicants' have amended claims 2 and 
3 for formality reasons. Also during the interview, the Applicants' emphasized that "digital 
Identity" as set forth In the claims and described imhe specification fe operationally different and 
distinct from prior art authentication techniques. Further elaboration on such differences follows. 

Remarks 

Claims 1-5 are pending in this application. Claims 1-5 stand rejected by Harif {U.S. 
Patent Publication No. 2002/0087881; hereafter 'Harif). Claims 1-3 are amended herewith. The 
prior art rejections are addressed below. 

Rejections u nder 35 U.S.C. 1 02 

Claims 1-5 were rejected under 35 USC 102(e) as being anticipated by Harif 
(2002/0087881). These rejections are respectfully traversed. 

To anticipate a claim, the reference must teach every element of the claim: la J claim is 
anticipated only if each and every element as set forth in the claim is found, either expressly or 
inherently described, in a single prior art reference." Verdegaat Bros. v. Union Oil Co. of 
California, 814 F,2d 628, 631, 2 USPQ2d 1051, 1053 (Fed, Cir, 1987), See MPEP 2131. This 
standard has not been met in the present case for the following reasons. 

Specific differences between the claims and the cited prior art are discussed below; 

With respect to claim 1, Harif does not identify or authenticate Users or individuals 
in e-commerce using digital identity. 

In Hap'f, task I dentitjeff^assigned toJasks. and digit al signatures pryiy'KlM ff? 
Sflffiputatianpl (fences - pot p Harif identifies a plurality of tasks requested by a network 
client with a unique identifier, or task ID: "Tf]or privacy purposes, each task receives a un?que 
Identifier to be used until the task completes processing." See [0052J. In paragraphs [0029) and 
[0030], Harif discloses that the network client 12 as shown in figure 1 corresponds to a 
computational device which may be, for example, a personal computer According to Hadf, upon 
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initially joining the heterogenous network, each such computational device Is certified by the PRC 
with a digital signature [0050J. In paragraph [0053], Harif again states that the digital signature 
(which may include a digital certificate) authenticates computational devices. 

Even, if the net wortc client Of HanT corresponded to a User, the "external-entity* wyp uld p« 

IncapabltLof positively identify^ uur.h u^ ff ) Harif repeatedly teachos f hit the identities of the 
network client, network server and network host all remain anonymous, or unknown, to one 
another [0042], [0047J, [0050]. Thus, Harif does not positively identify a User or individual as 
claimed. 

The task IP and digital signature of Harif ara different from dig ital identify. The digital 
identity of the current invention presents a unique Identification and authentication mechanism as 
set forth for example on page 5 lines 15-18 of the specification (and consistent with Applicants' 
remarks filed 04/27/2005) that is different from prior art techniques, in addition, the specification 
makes it clear that (as opposed to e.g., digital certificates and task IDs which Involve installing or 
downloading software/program instructions on a computer) all that is required for positive 
identification or authentication are the three disclosed "entities'' in communication wfth one 
another and digital identity. Thus, the present Invention actually provides a highly simplified and 
cost-effective mechanism for Implementing User identification arid authentication into the 
marketplace. Even more, unlike the task Identifier of Harif, the digital identity does not require an 
existing relationship between the User and External-Entity and thereby expands the scope of 
businesses that are able to authenticate the User beyond those that are "certified members" of a 
heterogenous network (cf. Hartf [0050]). 

Thus, because the system Harif does not positively Identity Users and the task Identity 
and digital signature of Harif do not correspond to, and are Inconsistent with digital identity, 
Applicants' submit that claim 1 is allows ble over the prior art. 

Regarding claim 2, Harif does not disclose providing the User with a digital identity 
that includes SecureCode and other information such as UserName, 

The SecureCode of the present invention Is described for example on page 5 lines 15-16 
and page 13 line 24 - page 1 S line 4 of the specification. The SecureCode is a component of the 
digital identity which either on its own, or combined with other information such as UserName, 
allows a User to be positively identified or authenticated in e-commerce. Harif does not disclose 
such a digital identity, SecureCode or UserName that positively identifies a User in e-commeroe, 
but rather uses a digital signature or task ID to identify either a computational device or task. See 
[0050] and [0052], Accordingly.Appllcant's submit that claim 2 is allowable either on its own 
and/or because it depends from claim 1. 

With respect to claim 3, Harif does not disclose providing a User with a 
SecureCode that is dynamic, non-predictable and time dependent. 
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On page 4 of the office action mailed 07/15/2005 it was asserted that the one-time 
password of Harlf corresponds to the recited time dependent alphanumeric code [0036], and the 
unique identifier corresponds to the recited dynamic, norbpredictable SecureCode [0052]. 
Applicants' respectfully disagree. 

Firstly, the one-time password and unique Identifier of Harif do not identify a User as 
does the claimed invention. Secondly, the one time password and unique identifier are not even 
used together and therefore cannot be combined to meet the dynamic, non-predictable and time 
dependent requirements of the SecureCode. For example, the one-time passwords addressed in 
paragraph [0036] are not provided to the network client, but to outside processors in order to 
access the netwonx client* resources. On the other hand, the unique identifier associated with 
the taskID is provided to the network client to identify an Individual task (wherein single-use 
authentication associated therewith Is assigned "directly to the resource request associated with 
the task w - not to a user). See [0052J. 

in contrast, the SecureCode of the present invention is novel in that it is formulated (e.g., 
using a proprietary algorithm) such that it is computationally infeasible to detect any pattern or 
User information - rendering it entirely non^gyessable and non-predictable. Moreover, unlike 
passwords, it is impossible for any two or more people to have the same SecureCode. In this 
way, the SecureCode rs capable of being used alone for authentication or is able to be uniquely 
combined with other User information as a second factor. 

Thus, Harif does not disclose providing a SecureCode to a User and that is further 
dynamic, non-predictable and time dependent as claimed. Accordingly, Applicants' submit that 
claim 3 is allowable over the prior art on its own and/or because it ultimately depends from claim 
1. 

Regarding claim 4, Applicant's submit that because claim 1 is allowable over the 
prior art, claim 4 is also allowable because it depends from claim 1. 

With respect to claim 5, Harif does not Identify or authenticate Users or individuals 
in e-commerce using digital identity. 

In Harif. t ask identifies are assigned to tasks, and digital signatures provided jo 
OOmputaflonaLclevices - not Users: Harif identifies a plurality of tasks requested by a network 
client with a unique Identifier, or task ID: "[f]or privacy purposes, each task receives a unique 
identifier to be used until the task completes processing. 11 See [0052J, In paragraphs [0029} and 
10030], Harif discloses that the network client 12 as shown in figure 1 corresponds to a 
computational device which may be, for example, a personal computer. Accortiing to Harif, upon 
Initially joining thB heterogenous network, each such computational device is certified by the FRC 
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wfth a digital signature [0050]. In paragraph [0053], Harif again states that the digital signature 
(which may Include a digital certificate) authenticates computational devices. 

fiyen jf the network Client Of Harif corresponded to a Use r, tha 'external-entity would he 
incapable of positively identifying such user. Harif repeatedly teaches that the identities of the 
network client, network server and network host all remain anonymous, or unknown, to one 
another [0042], [0047], [0050], Thus, Harif does not positively identify a User or individual as 
claimed. 

Ifae task IP amdiotol signature of Harif a re different from digital identity. The digital 
identity of the current invention presents a unique identification and authentication mechanism as 
set forth for example on page 5 lines 15-18 of the specification (and consistent with Applicants' 
remarks filed 04/27/2005) that is different from prior art techniques. In addition, the specification 
makes it clear that (as opposed to e.g., digital certificates or task IDs which require the user to 
install software or program Instructions on their computer) all that is required , for positive 
identification or authentication are the three disclosed "entities" In communication with one 
another and the digital identity. Thus, the present invention actually provides a highly simplified 
and cost-effective mechanism for implementing User Identification and authentication into the 
marketplace. Even more, unlike the task identifier of Harif, the digital identity does not require an 
existing relationship between the User and External-Entity and thereby expands the scope of 
businesses that are able to authenticate the User beyond those that are members of a 
heterogenous network (cf. Harif [0050J). 

Further regarding claim « t Harif does not disclose an External-Entrty requesting a 
User to authenticate himself using SecureCode or digital identity. 

Nowhere does Harif disclose a User submitting SecureCode or digital identity to the 
External-Entity. Asset forth for example on page 5 lines 15-18 and page 13 line 24 - page 15 
line 4 of the specification, the SecureCode of the present invention is a component of the digital 
identity which either on its own, or combined with other information such as UserName, allows a 
User to be positively identified or authenticated in e-commerce. Harif does not disclose a digital 
identity, SecureCode or UserName that positively identifies a User in e-commerce, but rather 
uses a digital signature or task ID to identify either a computational device ortask. See [0050] 
and [0052], 

Further regarding claim 5, Harif does not disclose a SecureCode that Is dynamic, 
non-predictable and time dependent 

On page 5 of the office action mailed 07/15/2005 it was asserted that the one-time 
password of Harif corresponds to the recited time dependent alphanumeric code [0036], and the 
unique identifier corresponds to the recited dynamic, non-predictable SecureCode [0052]. 
Applicants' respectfully disagree. 
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Firstly, the one-time password and unique Identifier of Harif do not identify a User as 
does the present invention as claimed. Secondly, the one time password and unique identifier 
are not even used together and therefore cannot be combined to meet the dynamic, non- 
predictable and time dependent requirements of the SecureCode. For example, the one-time 
passwords addressed in paragraph 10036] are not provided to the network client, but to outside 
processors in order to access the network client's resources. On the other hand, the unique 
identifier associated with the taskID is provided to the network client to identify an individual task 
(wherein single-use authentication is assigned "directly to the resource request associated with 
the task" - not to a user). See [0052]. 

In contrast, the SecureCode of the present invention is novel in that it is formulated (e.g., 
using a proprietary algorithm) •such that it is computationally infeasible to detect any pattern or 
User information therein - rendering It entirely non-guessable and non-predictable. Moreover, 
unlike passwords, it is impossible for any two or more people to have the same SecureCode. In 
this way, the SecureCode is capable of being used alone for authentication or is able to be 
uniquely combined with other User information as a seoond factor. 

Thus, Harif does not disclose providing a SecureCode to a User that Is dynamic non- 
predictable and time dependent as claimed. 

For the above described reasons, Applicants" respectfully submit that claim 5 is allowable 
over the prior art. 
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Conclusion 



Accordingly, Applicants' respectfully request reconsideration of the claim rejections based 
on the above amendments and remarks, it is believed that a full and complete response has 
been made to the outstanding Office Action, and as such, the present application is in condition 
for allowance. If the examiner believes that personal communication will expedite prosecution of 
this application, the Examiner Is invited to telephone the undersigned at (571) 228-2938. 



Respectfully submitted, 




Shawna J, Shay 
Agent for Applicants 
Registration No. 57,091 
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